PLAY PODCASTS
Episode 201 - We broke CVSSv3, now how do we fix it?
Episode 201

Episode 201 - We broke CVSSv3, now how do we fix it?

Open Source Security · Open Source Security

June 15, 202031m 20s

Audio is streamed directly from the publisher (traffic.libsyn.com) as published in their RSS feed. Play Podcasts does not host this file. Rights-holders can request removal through the copyright & takedown page.

Original episode page

Show Notes

Josh and Kurt talk about CVSSv3 and how it's broken. We started with a blog post to explain why the NVD CVSS scores are so wrong, and we ended up researching CVSSv3 and found out it's far more broken than any of us expected in ways we didn't expect. NVD isn't broken, CVSSv3 is. How did we get here? Are there any options that work today? Where should we go next?

Show Notes
← All episodes of Open Source Security